The online personalized card company, Moonpig, has blocked an unspecified number of accounts of customers after users’ details were published online.

According to the company’s website, customers’ email addresses, passwords and account balance had been made public. However, they stress that the source of passwords was not their site, but from other online sites where users use similar passwords.

“As a precautionary measure, we promptly closed our Moonpig site and apps to help us investigate and contain this issue. Following these investigations, we now have strong evidence that the customer email addresses and passwords we identified were taken previously from other third party websites, and not directly from Moonpig.com."

"This data was then used to access the account balances of some of our Moonpig.com customers. As a reminder, we do not store full credit card information ourselves so this data was not accessible in any event.”

Moonpig has contacted affected customers, and advised them to reset their passwords and ensure that they are not reusing the same passwords anywhere else on the net

They are back again after almost three years! Team GhostShell, a well-known hacking group, has returned with hacks and database leaks.

The hacking group claims to have leaked data from various websites within 24 hours.

On June 29, the team posted on twitter links to a number of Korean and Japanese websites, educational portals, university websites and travel websites which they claim to have hacked.

The posted websites and services do not appear to follow a particular trend or pattern so it is believed that the sites have been hacked.

Lee J, a security researcher, posted on Cyber War News that when he contacted TeamGhostShell, they had explained that not all data is going to be leaked from targeted sites and as an example of this got shown an exclusive set of data from an Australian cloud provider (redacted for now) which contains 1,500+ full banking information such as full names, home addresses, mobile contact numbers, contract dates and probably worst of all Tax file number (TFN). The provider has been contacted at time of publishing.

According to him, till the date, 444 different databases have been dumped from various sites and sub-domains mostly being education and government based.

“A basic scan of these sites has shown that there is a heap of accounts leaks, over 17,700 have email and password combinations as well as many other user name and password combinations as well,” he added.

“I have been told in a conversation with TeamGhostShell that they plan to leak data until they are caught,” he said.

He said that the team has added pastebin.com account with a paste titled “Dark Hacktivism- Information is everything”.

It is said that this is not the end. There are a lot more data to come over in coming days or weeks.

iiNet, Australia's’ second largest internet service provider, has urged its more than 30,000 Westnet internet users to change their passwords after a hacker claimed to have gained access to the customer database and put them on sale.

According to a tweet posted by Cyber War News, the unknown hacker claimed to have hacked important details of the customers like passwords, email-addresses, telephone numbers etc.

He is now offering to ‘sell or trade’ Westnet's customer database.

However, he has not mentioned any rate for the information.

Matthew Toohey, chief information officer at iiNet, told Mashable Australia that the hack, which could be an unauthorized access to old customer information stored on a legacy Westnet system, was under investigation and had been reported to law enforcement agencies.

"iiNet takes the privacy and security of customer information extremely seriously," he said. "The 30,827 impacted customers are being contacted with a recommendation they change passwords associated with their accounts as this is the most effective way to ensure security. As a precaution, additional steps have been taken to increase the monitoring of impacted accounts."

Hackers have targeted one of the largest online dating sites of the world, Adult Friend Finder to leak personal data of four million users.

The stolen data includes the sexual orientation of the users, their sexual preferences, and might even potentially reveal who are the ones seeking extramarital affairs. The data also includes email addresses, usernames, dates of birth, postal codes and unique internet addresses of users' computers.

The hack is estimated to have affected 4 million users, including users who have requested the site for a deletion of their accounts.The leaked information contain addresses linked to dozens of government and armed services personnel and members of the British Army.

Channel 4 news, who have been actively tracking such incidents of hacking and information release to the Deep web have found a secretive forum in which a hacker nicknamed ROR[RG] posted the details of users of Adult Friend Finder.

Shaun Harper is among those whose details have been published. Harper, who had requested his account to be deleted stated that, "The site seemed OK, but when I got into it I realized it wasn't really for me, I was looking for something longer term. But by that time I'd already given my information. You couldn't get into the site without handing over information. He added, "I thought the information had gone. These sites are meant to be secure."

Mr. Harper has been targeted with a spate of spam emails ever since his information was leaked. Experts are of the opinion that hackers will further sift through the leaked data to zero down on potential blackmailing targets.

FriendFinder Networks Inc, the owner of Adult FriendFinder have already started working with law enforcement to investigate the matter and have assured customers of strong action in case they are affected.

US sitcom 'One Big Happy' star Kelly Brooks has become a target of hackers for the second time after a set of 24 nude photos of her were posted online by hackers.

The photos show the actress in various intimate poses in her bedroom. Kelly had fallen victim to a celebrity hacking scandal last year also in which thousands of photos of various celebrities were posted online in one of the biggest scandals of such kind.

Her ex-fiancee David McIntosh also features in the photos. The last time Kelly fell prey to such activity, 34 of her private photos had been posted online.

Prior to all the scandals, Kelly had tweeted, "The only nude photos you'll see of me are the ones that I leak and the ones my head is superimposed on!"

More than 60,000 accounts details have been leaked by a hacker from European cyber army(ECA) going by handle "Zer0Pwn".

The database dump is said to be compromised from two syrian websites : job.sy and realestate.sy.

Hacker posted a sample data in a paste(http://pastebin.com/7Y13ULux) entitled "ECA vs. Assad" along with a link to full database dump. The dump contains names, email ids, passwords, phone number and other details.

While the passwords compromised from job.sy are encrypted, the passwords from realestate.sy are in plain text format.

Lee J from Cyber War News analyzed the full database dump and reported that database dumps from realestate.sy contain more than 4000 unique login credentials and database dumps from jobs.sy contains more than 50,000 login credentials.

Some other members from ECA has attacked syrianmonster.com and compromised admin's login credential.

A hacker claiming to be part of the Anonymous hackers group has breached the Johns Hopkins University website and leaked the data compromised from the database server.

The database server contains information of current and former biomedical engineering students. The stolen information includes name, phone number and email id of students.

The University says no information such as Social Security numbers and credit card numbers that would make identity theft a concert, is not involved in the breach.

According to the Baltimore Sun, the so-called anonymous hacker attempted to extort the university for further access to its database server, threatening to leak the stolen data unless university handed over the server password.

The breach reportedly occurred in last November, the vulnerability responsible for the breach has been patched. The University is currently working with FBI and trying to remove the leaked data from online.

Hackers claimed to have compromised millions of records from the servers.

"If we are able to reach these info on their systems with our limited resources imagine what can foreign intelligence agency do. These companies have 90% of the population's data on their systems and they can't protect them." Hackers said.

The have dumped(http://justpaste.it/eaml) some of data compromised from TTNet. The dump only contains the membership details of Ministries, National Intelligence Agency(MIT),and Security Directorate. Hackers didn't publish the data belong to general public, "as a matter of principle".

The leak contains information such as names, phone numbers, addresses, email IDs and other information.

Hackers said the reason for these breaches is to prove the fact that no one and no system is 100% secure.

"In the coming days we'll continue with those exploiting the country. No public information will be shared. Our people can be at ease." The group said that they will continue the operation.

Few days back, Nullcrew hackers hacked into Bell Canada website and leaked thousands of customer data.

Bell Canada confirmed Sunday that usernames and passwords of 22,421 and five valid credit card numbers have been leaked by hackers. However, the organization points finger at Third-party saying the leak "results from illegal hacking of an Ottawa-based third-party supplier's information technology system".

Bell claims its own network wasn't affected by this breach. Bell has disabled all passwords and notifying all affected users. They are currently working with law enforcement and government security officials to investigate the matter.

"Quite a laughable claim, Bell actually knows of the breach, they knew the vulnerable section of the website for two weeks."In a response to the Bell's claim, hackers said in their twitter account.

The screenshot provided to DataBreaches shows that the hackers had a chat with Bell Support team.

The Nullcrew Team is back! After several months, the group returned with a new database leak. They claimed to have hacked into the Bell Canada website(www.bell.ca) and compromised the database server.

Just few hours before, the group published a link to leak(http://nullcrew.org/bell.txt). The leak contains thousands of usernames,email addresses and plain-text passwords and even some credit card data.

"Go f****g figure, people who are suppose to provide secure connection to the internet?.. They can't secure themselves, and with that said?" Hackers wrote next to the leak.

A Hacker group calling itself 'The Islamic Cyber Resistance Group' claimed to have hacked into the Israel Aviation Authority (iaa.gov.il) website and gained access to its Internal network.

The group claimed to have obtained sensitive information regarding domestic and international flight maps, FarsNews reports.

The group said that they had ability to cause disruption in services such as flight routing, communications between plane and ground stations.

"By the grace of God, we could gain access to iaa.gov.il LAN and in addition to obtaining sensitive information, seized full control over the management panel." The group said in a statement.

"But as the world knows, killing women, children and innocent people is a profession exclusive to Israel and its neophytes, and we, as ordered by Islam, do condemn such moves and, thus, find it sufficient to release sensitive information to prove that we have had the access to the servers and downed the website. "

Hackers said they had access to the server for months and downloaded a huge amount of data. They also claimed to have wiped the whole server data.

The leaked information includes 'Domestic and international flight information Database', 'Some of the flight briefing files which are only provided to pilots and control towers', 'Management and flight routing software information', 'Weather condition maps'.

Recently a hacker using twitter handle "@smitt3nz" hacked into the World Poker Tour Amateur Poker League(WPTAPL) website and leaked a database containing email addresses,clear-text passwords of more than 170k users.

WPTAPL Officials have now confirmed the security breach to SC Magazine. However, they are trying to downplay the impact of the breach.

Kurt McPhail, president and CEO of WPTAPL claimed the leaked information are pretty much worthless and most of the compromised data was old.

They also said that only 50k of leaked accounts are still active and information can't even be used to log into their website because players use different separate username to log in.

I can't agree with their point that the leaked info are worthless. The listed email ids and passwords may not allow attackers to log in the WPTAPL. But, most of people normally use the same password for their email ID. An attacker can use the info to compromise the email account.

The vulnerability in question is reportedly being fixed and members are being notified about the breach.

It appears any websites that do Bitcoin transactions are coming under the radar of Hackers. SealsWithClubs is the latest victim.

Online Poker service SealsWithClubs which is claimed to be the world's largest bitcoin poker site has admitted their database server containing user credentials compromised by the hackers.

They said the stolen passwords are hashed and salted but urged users to change their password. If you used the same password anywhere else, you are recommended to change there also as precaution.

Ars Technica pointed out a link to the InsidePro forum's post in which an user with online moniker "StacyM" has asked other users to crack 42,000 hashed passwords.

StacyM is offering $20 in Bitcoins for every 1000 unique cracked passwords. Thousands of passwords have already been cracked. He didn't mention the source of those hashes. However, some cracked passwords such as "sealswithclubs", "pokerseals" is appeared to be from the SealsWithClubs website.

The infamous Serbian hacker group called as "Tesla Team" is targeting government websites belong to various countries. The group has managed to find SQL Vulnerability in the target websites.

Affected websites includes Albanian Ministry of Economy Trade and Energy(mete.gov.al), Ministry of Finance and Economic Planning of Ghana(mofep.gov.gh), Court of Bosnia(sudbih.gov.ba) and qashqadaryo.gov.uz.

The hacker didn't deface any of the hacked websites. He managed to extract the data from the target database servers and leaked them instead.

The dump contains username and password credentials stolen from the database. The group also provided the proof-of-concept link along with the database dump.

TeslaTeam, one of the infamous hacker group from Serbia, claimed to have hacked into one of the most famous celebrity fashion sites E!NEWS.

E! News is one of the high profile website that has alexa rank around 600, provides entertainment news, celebrities, celeb news, and celebrity gossip.

The group has discovered a SQL injection vulnerability in one of the subdomain of E News(br.eonline.com), the poc for this vulnerability has been provided along with the database dump(pastebin.com/2c28RJDe)

The database dump contains the list of tables, username and password phone of admin and other users.

The same group recently hacked into the Vevo website and leaked the database.

The hacker who behind the attack also made a post in MacRumors forum regarding the breach saying "We're not 'mass cracking' the hashes. It doesn't take long whatsoever to run a hash through hashcat with a few dictionaries and salts, and get results."

Hackers also claimed that they are not going to use the compromised credentials to log into gmail, apple accounts or any other accounts unless they target users specifically for some reason.

"Stop worrying, and stop blaming it on Macrumors when it was your own fault for reusing passwords in the first place." the hacker added.

It appears hackers have gained access to the database by logging into the forum with the stolen credentials of a single moderator.

Anonymous hacktivists has leaked a number of documents which is said to have compromised from the personal computers of regional administrations, mainly presidents of Calabria, Lombardia, Sicilia, Toscana, Campania and Puglia.

The leak is only the first leak in series of leaks targeting Italian regional Government. This first leak contains documents compromised from personal computer and mobile devices of Giuseppe Scopelliti, an Italian politician and a member of The People of Freedom political party.

"Giuseppe did nothing to stop mafia in Calabria spreading like plague,
nor he did anything to at least look like trying." hackers wrote in cyberguerilla website.

The hacktivists have posted a 400MB archive file containing 1000 documents and Gallery of 27 documents.

"This is just a beginning. People of Italia do have the right to know what the government is involved in, especially when it comes to mafia wars and corruption in the region." hackers wrote.

The Turkish hacktivists RedHack has leaked documents which is said to have details of Egemen Bağış, the Turkey's Minister for EU Affairs & Chief Negotiator.

The group provided a ".onion" link in their official tumblr page which is said to have contain the documents. One of the documents contains details about Egemen stay at London Hilton Park Lane.

" When we have checked the bill we have realised that Egemen Bagis was confused between tweeting verses and mixing the wines and whiskeys. These people call themselves devoted believers in religion. Really? " Hackers said in their post.

Another document is claimed to have revealing :the sophisticated details of the lifestyle of Egemen and Beyhan Bagis, their daily routines and dairy"

The group also is claimed to have leaked a document contains "the list of businessman and their contact details that would join PM Erdogan during his US visit" and more documents has been uploaded in their onion page.

Customers of the Virtual Private network provider "PureVPN" over the weekend started receiving a fake email claiming to be from the founder saying that "due to an incident we had to close your account permanently".

"We are no longer able to run an anonymization service due to legal issues we are facing" The fake email reads.

"We had to handover all customer’s information to the authorities unfortunately. They might contact you if they need any details about the case they are working on. The following information was handed over: your name, billing address and phone number provided during purchase and any documents we had on file (for example scan of your ID or driver’s license if you have provided these to our billing department)."

However, the Co-founder ,Uzair Gadit, said in the official blog post that the email is fake and confirmed the purevpn website hit by a security breach.

Hackers exploited a vulnerability in 3rd party application WHMCS and compromised the email IDs and names of registered users.

"We repeat no billing information such as Credit Card or other sensitive personal information was compromised." The blog post reads.